Responsibilities:
- Report to the Head of Cyber Strategy Consulting.
- Lead and deliver cybersecurity strategy consulting engagements such as Cybersecurity Maturity Assessments, advisory, business transformation, Framework and Policy reviews.
- Serve as a trusted advisor to senior client stakeholders (Board, C-suite, CIO/CISO, Risk leaders).
- Use a Threat-Informed Defence approach to contextualise and prioritise actionable cybersecurity strategies given the client's business objectives and environment.
- Facilitate workshops and discussions to elicit stakeholder inputs using design-thinking approaches.
- Lead workstreams or small teams across multiple engagements, managing client expectations and ensuring high-quality, on-time delivery.
- Coach and mentor junior consultants, providing guidance on both technical and consulting skills.
- Drive service improvements and innovation by contributing to internal methodologies, accelerators, and intellectual capital.
- Contribute to thought leadership (e.g. whitepapers, public consultations, podcasts).
- Support proposal development, client pursuits, and account growth activities.
- Stay current on emerging cyber threats, regulations, and industry trends to inform client advice.
Requirements:
- Relevant cybersecurity certification, e.g. CISSP, CISM
- Bachelor's degree in Information Security, Engineering, Computer Science, Information Systems, or relevant fields. A relevant Master's degree will be a plus.
- Typically 6–10+ years of experience in cybersecurity, technology, or management consulting, with at least:
  - 3+ years in a client-facing consulting or advisory role
  - Demonstrated experience delivering cybersecurity strategy or technology transformation engagements
- Strong structured problem-solving and analytical skills.
- Excellent written and verbal communication, including the ability to communicate complex cyber topics to non-technical executives.
- Executive presence and confidence in engaging senior stakeholders.
- Keep abreast of business and technology trends and understand their implications for clients.
- Comfortable working in ambiguous, fast-paced environments.
- Collaborative team player with a coaching mindset.
- Proficient in the Microsoft Office suite, with a track record of developing high-quality deliverables for clients.
- Applicants selected may be subject to security screening and may need to meet eligibility requirements for access to classified information.
Preferred Skills/Qualities:
- Familiar with international regulations such as Cybersecurity Laws, Privacy Laws, and international cybersecurity standards, including NIST Cybersecurity Framework, NIST SP 800-53, IEC 62443, MITRE ATT&CK and/or ISO 27001.
- Experience working with or advising regulated industries (e.g. financial services, critical infrastructure, healthcare, public sector) is a plus.
- Experience engaging with regulators or internal risk/compliance functions is a plus.
- Familiarity with developing and implementing cybersecurity strategies, and with developing and delivering tabletop exercises and executive training, is a plus.
- Experience in incident or crisis management is a plus.
- Business or native proficiency in languages other than English is a plus.
- Ability to travel 25% of the time.